This section details the steps that you can take to report major incidents in the Digital resilience incident reporting application. Assess whether any critical services are affected and classify the reported incident as a major incident if necessary. Notify regulators of major incidents, categorized by their severity and security ratings.

The Digital resilience incident reporting module, accessible from the Operational Resilience Workspace, is integrated with Incident Management and Security Incident Response to generate and share reports in the format that is specified by the regulators.

You can generate an initial report within 24 hours, an intermediate report within 72 hours, and a final report within 1 month. All of these reports are automatically triggered by the application from the time that the incident is classified as a major incident.

Report an incident from Incident Management and Security Incident Response or you can report an incident manually in the Operational Resilience Workspace.

You can export the initial, intermediate, and final reports to Microsoft Excel format. The exported file includes tabs for each section of the questionnaire, with questions in the first row and user responses in the second row. You can add more sections and questions in the assessment workspace, and the exported file reflects these changes.